Bayer is a global enterprise with core competencies in the Life Science fields of health care and agriculture. Its products and services are designed to benefit people and improve their quality of life. At Bayer you have the opportunity to be part of a culture where we value the passion of our employees to innovate and give them the power to change.

Head Radiology Medical Device Cybersecurity

Your tasks and responsibilities


The primary responsibilities of this role, Head Radiology Medical Device Cybersecurity, are to:



  • Develop, socialize, and drive program initiatives related to medical device cybersecurity
  • Lead the Bayer Radiology Medical Device Cybersecurity Task Force
  • Continuously monitor the threat landscape and determine exact impact of threats and incidents to Bayer Radiology legacy and developing medical devices
  • Support commercial team with pre-market consultation and lead preparations and conduct/follow-up on meetings and teleconferences with prospective customers
  • Support the Bayer Regulatory team and lead preparations and conduct/follow-up on meetings and teleconferences with regulatory bodies, such as FDA
  • Support the ongoing Risk Management Framework (RMF) certification effort, requiring consistent monitoring and product assessment against United States Department of Defense security rules and requirements
  • Support field service team with post-market consultation and lead preparations and conduct/follow-up on meetings and teleconferences with customers
  • Lead and manage the Incident Response Team and maintain the Incident Response Policy
  • Support the Bayer Technical Assistance Center (TAC) and Bayer Customer Complaint function with post-market incident response consultation and lead the development of internal and external approved communications describing Bayer’s position in response to security incidents and consistent with business strategy
  • Support the Bayer Radiology Legal function with consultation and advise on responses to legal agreements containing product security clauses or required action in response to cybersecurity incidents with respect to Bayer Radiology medical devices
  • Work directly with Bayer Risk Management function to assess incidents and threats and to support response to CAPAs
  • Provide leadership and support to the Bayer Safety Review Board during incidents and provide reliable information for the board to make informed decisions
  • Assist in the preparation of security documentation for 510(k) submissions as well as preparation and maintenance of technical documentation in compliance with regulations
  • Direct the efforts of the Cyber Signal Assessment team – attend meetings, lead discussion on response to incidents, insure decisions and direction of the team are aligned with business strategy and objectives
  • Manage and direct the efforts of the Bayer Radiology Medical Device Cybersecurity team
  • Clearly communicate recommended medical device cybersecurity strategies to the organization
  • Maintain current understanding of changing local and global regulatory requirements, and communicate impacts, including necessary adaptions, to peers, senior management and cross-functional team stakeholders
  • Ensure medical device cybersecurity compliance, including change management, with all applicable cybersecurity regulations and standards and proactively monitor the landscape and advise the organization on actions to be taken with regard to opportunities or threats
  • Act as a company liaison to industry trade associations. Review and suggest possible organization reaction to new or proposed legislation
  • Manage the Cybersecurity lab and associated software and hardware tools. Maintain efficient processes to support on-demand and periodic product scans and vulnerability assessments
  • Lead and manage the benchmarking effort to enable objective measurement of the performance of the Bayer Radiology Medical Device function and develop metrics that support communicating this performance with various stakeholders across the organization




Who you are


Your success will be driven by your demonstration of our LIFE values.  More specifically related to this position, Bayer seeks an incumbent who possesses the following:





Required Qualifications:



  • Post graduate degree in Engineering discipline


  • 15+ years of product development experience with a minimum of 5 years cybersecurity experience or equivalent combination of education and experience
  • Strong familiarity and hands-on experience working with medical device cybersecurity regulations and regulatory bodies (FDA, Health Canada, etc)
  • Working knowledge of HIPAA/HiTECH regulations and NIST cyber framework
  • Experience in FDA and EU medical device 510(k) security documentation requirements
  • Ability to articulate and solve medical device cybersecurity issues independently
  • Ability to communicate and negotiate effectively both verbally and written
  • Team and customer orientation


Your application

Bayer offers a wide variety of competitive compensation and benefits programs. If you meet the requirements of this unique opportunity, and you have the "Passion to Innovate" and the "Power to Change", we encourage you to apply now. Job postings will remain open for a minimum of ten business days and are subject to immediate closure thereafter without additional notice. To all recruitment agencies: Bayer does not accept unsolicited third party resumes.

Bayer is an Equal Opportunity Employer/Disabled/Veterans


Bayer is committed to providing access and reasonable accommodations in its application process for individuals with disabilities and encourages applicants with disabilities to request any needed accommodation(s) using the contact information below.


Country: United States
Location: PA-Indianola
Functional Area: [sap_fa_2]
Entry Level: 5